We have installed TFS 2010 with success but wonder how to set the users permissions. We are small projects with five developers, a manager and a secretary. Each developer is working itself with one or more projects, we have no cooperation between any projects. We want everyone to be able to see all the code for each project, but that only those who are responsible for the code to change it. However, we want everyone to create Work Items for all projects. How should we set this up?
+1
A:
In Visual Studio, go to Team Explorer (View - Team Explorer). Right-click the root node (servername\collectionname). Go to Team Project Collection Settings. Here you have 2 options; Security, and Group Membership. Use Security to choose which users/groups can do what. Use Group Membership to add/remove users from security groups. I would recommend creating a group with limited access and add everyone to it. Then, you can right-click on a project in team explorer, go to Team Project Settings -> Group Membership. Add that group to the Readers group so everyone can read that project. Then, add those responsible for the code to the Contributors group, or even the Project Administrators group if you want them to have more power.
Panda
2010-09-08 18:58:52
But can everyone create Work items (bugs or issues) if I do so?
magol
2010-09-09 06:34:29
If I do so, users that are not in Contributors group or Project Administrators group can not add Work items. How do I solve that?
magol
2010-09-09 14:32:01
A:
You can use the TFS Admin tool: http://tfsadmin.codeplex.com.
It is an easy tool to set the permissions for TFS, SharePoint and SSRS.
Ewald Hofman
2010-09-08 20:53:49
you need to install Team Explorer 2008 and the forward compatibility update. Not TFS 2008!
Ewald Hofman
2010-09-09 18:35:56
+1
A:
For detailed information about TFS 2010 permissions you can check this http://msdn.microsoft.com/en-us/library/ms252587.aspx
If you want a user can read the codes you have to give him/her only Read permission and to avoid changing code you have to deny check out and check in permissions. You can set these permissions by right clicking the folder or file in Source Control Explorer, Clicking Properties and clicking Security tab.
For Work Items you have to give WORK_ITEM_WRITE and WORK_ITEM_READ permissions. You can do by right-clicking the project in Team Explorer, clicking Areas and Iterations, and on the Area tab, clicking Security
bahadir arslan
2010-09-13 14:55:00
A:
See the workaround I posted here - http://stackoverflow.com/questions/3446872/adding-active-directory-users-to-team-foundation-server/3872132#3872132
It will allow you to add users to your TFS 2010 project without having access to the remote domain (useful when you have remote developers or when your Team Foundation Server is remotely hosted.)
The steps include details about adding new users to your project groups.
atanner
2010-10-06 12:00:40